A few weeks ago, CDK Global, a software provider with 15,000 North American car dealership customers, faced back-to-back cyberattacks, effectively taking down scheduling, records, and more for their thousands of customers for days. The CDK Global attack is also the latest cyber incident to spur larger industry-wide conversations around the supply chain risks posed by increasingly ruthless and aggressive bad actors.
Axios had a good writeup on the news, exploring how “CDK is the latest victim in a long series of cyberattacks this year that started with just one tech vendor and rippled out to hundreds, if not thousands, of incidents throughout one sector” (you may recall the side effects of the successful cyberattack on Change Healthcare earlier this year, which took down healthcare payments, eligibility checks, and prescription fulfillment for weeks – even after the company doled out a mammoth $22 million ransom fee).
Here’s what this incident underscores in my mind: It’s a largely unhelpful reminder that patch management matters, particularly as bad actors look to exploit interconnected supply chains and a growing swath of exposed endpoints.
Defense in depth starts with patch management
Patch management is critical for a successful defense-in-depth approach. Many cyber incidents today start with user interactions with phishing emails (according to Egress, 94 percent of organizations fell victim to phishing attacks in 2023). Compound that with poorly patched endpoints, and it’s a recipe for disaster.
Too often, we see adversaries quickly move laterally throughout an organization through a poorly patched environment. Significantly, as organizations and their endpoint estates evolve – grow and expand, alongside trends like WFA and BYOD, or shrink due to consolidation and economic cost-cutting – organizations need to have the basics, like regularly patching, down pat.
Unfortunately, many organizations still aren’t regularly patching, leaving them wide open to increasingly severe and interconnected threats. In fact, a few years back, ServiceNow found that unpatched vulnerabilities are directly responsible for 60 percent of all data breaches!
Organizations must get patch management right to build a sustainable in-depth defense approach. However, to do that, businesses require solutions that make it easy to discover rogue and unknown assets that can be quickly assessed and managed by IT teams before they can cause harm. IT teams also need solutions that enable them to capture patches that cover security and vulnerabilities while omitting patches for tooling or utilities that aren’t vulnerable (which can introduce new issues for IT).
Fortunately, the NinjaOne Network Management System (NMS) can help with all this and more. It gives organizations full visibility of their IT and endpoint estates to get ahead of and remediate risks as businesses grow, automates patching (to save IT teams time and resources while also ensuring that patches are run without the host being interrupted in service), and frees up time for training so IT teams are better prepared to handle cyber incidents when they inevitably occur.
In the end, effective patch management is critical in building a lasting cyber resilience strategy. Understanding your total risk profile on the network and endpoints and effectively training your team to thwart cyber events when they happen are all critical components for defense-in-depth!
